Security Engineer
Privy- Full Time
- Senior (5 to 8 years)
Candidates should possess a Bachelor’s degree in Computer Science or a related field, along with a strong understanding of secure web application development, including knowledge of OWASP Top 10 vulnerabilities such as XSS, CSRF, and SQL Injection. Experience with secure authentication and authorization mechanisms like OAuth, OpenID Connect, and JWTs is required, as is proficiency in implementing mitigations like CSP and secure HTTP headers. Familiarity with client-side security, cross-browser compatibility, and privacy-preserving techniques is also essential.
As a Staff Product Security Software Engineer, you will be a key member of the Security Engineering Team, focused on building robust protections for Quora and Poe. You will develop secure web applications and APIs, conduct security testing, and implement mitigations for common web vulnerabilities. You will also contribute to improving the security posture of client-side web applications, ensuring cross-browser compatibility, and addressing privacy concerns. Furthermore, you will analyze and mitigate the impact of security features on performance and scalability, working closely with other engineers to maintain a secure and reliable platform.
Global knowledge sharing and AI integration platform
Quora is a global platform for knowledge sharing that attracts over 400 million unique visitors each month. It allows users to share insights on a wide variety of topics, creating a community focused on learning and connection. Users include individuals looking for information, experts sharing their knowledge, and businesses engaging with a knowledgeable audience. Quora also features Poe, a platform that combines several AI language models like GPT-4 and DALL-E 3, enabling users to chat and explore these technologies in one place. Unlike many competitors, Quora's business model relies on targeted advertising to its large user base, allowing it to continuously expand its offerings to meet user needs.